Asking password before mounting is cumbersome to me. The intended behavior should be the following: 1) If a logged user shuts down, the system halts without asking for password 2) If a user from KDM tries to shutdown while others are logged, root password is required
2011/11/9 Vitovt <vit...@grusha.org.ua>: > I think asking password for reboot is too paranoid for Desktop users. > It shouldn't do it. > > Even asking password before mounting flash drive is very annoying. > > -- > Vitovt > Керівник проекту > Груша.org.ua > e-mail: vit...@grusha.org.ua > IRC: chat.freenode.net #grusha > 73 > > > > 2011/11/9 David Narvaez <david.narv...@computer.org>: >> On Wed, Nov 9, 2011 at 8:36 AM, Mitch Harder >> <mitch.har...@sabayonlinux.org> wrote: >>> On Wed, Nov 9, 2011 at 5:11 AM, Danilo Pianini <danilo.pian...@gmail.com> >>> wrote: >>> > Guys, >>> > I noticed that we allow KDM to restart the system without asking for >>> > any pasword. This could lead to problems: it may happen that you let >>> > your applications run and lock the screen, and malicious user can go >>> > back to kdm by switch user, then shut down the system and killing all >>> > the ongoing work. >>> > In my opinion the default policy shouldn't allow this, since it is >>> > possible to specify that root password is required to shutdown from >>> > KDM. >>> > >>> >>> I worry a policy like this leads to root password abuse. >>> >>> You should be able to use your system for it's intended purpose >>> without needing to supply a root password. >>> >>> On a Desktop system, I think it's reasonable that a user will >>> periodically shutdown/reboot (a server is another matter). >>> >>> This seems more like a bug in KDM to me. KDM should not reboot when >>> sessions are still active. >> >> KDM will warn you there are other sessions (and terminals) open, but >> if you still want to shutdown or reboot, you just click OK. >> >>> But when people have physical access to a system, you can't stop them >>> from rebooting/shutting down your system if they want to. >> >> True. >> >>> I'm also slightly confused about your scenario and how KDE works. >>> When the screensaver locks your session in KDE, does it really let you >>> drop out to KDM? >> >> It let's you "Switch User..." which then takes to to KDM and lets you reboot. >> >> David E. Narváez >> >> >> > > > -- Ing. Dott. Danilo Pianini Site: http://www.danilopianini.org/ Phone: +39 320 41 36 573 Skype: dany.sk
